The Catholic University of America

Welcome to the FERPA section of our webpage. This front page will reflect our most current information on federal student records law affecting educational institutions.

Best Practices for Data Destruction: Issued by the Privacy Technical Assistance Center

While FERPA is silent on specific technical requirements governing data destruction, methods
discussed in this document should be viewed as best practice recommendations for educational
agencies and institutions to consider adopting when establishing record retention and data governance policies to follow internally, and also for inclusion in any written agreements and contracts they make with third parties to whom they are disclosing PII.

Improving the Effectiveness and Efficiency of FERPA Enforcement: Significant but non-binding Guidance: USDOE, Dec. 20, 2018. This document lays out a new, more efficient path for reviewing FERPA complaints. Not all complaints require a formal resolution process. Instead, the Department will triage complaints to determine the best mechanism for resolving the situation. Sometimes the process will be FPCO acting as intermediary, and some complaints will be referred to the Privacy Technical Assistance Center for Guidance. 

NACUANOTES:  Key Issues in Managing Data Breach Risk In Higher Education:Practical Tips for Before, During and After, By Sandra Brown and Scott Schneider, Oct. 12, 2018.